Leonard Lyubich
e54b52ec03
[ #1420 ] object/acl: Fix correlation of object session to request
...
In previous implementation of `neofs-node` app object session was not
checked for substitution of the object related to it. Also, for access
checks, the session object was substituted instead of the one from the
request. This, on the one hand, made it possible to inherit the session
from the parent object for authorization for certain actions. On the
other hand, it covered the mentioned object substitution, which is a
critical vulnerability.
Next changes are applied to processing of all Object service requests:
- check if object session relates to the requested object
- use requested object in access checks.
Disclosed problem of object context inheritance will be solved within
Signed-off-by: Leonard Lyubich <ctulhurider@gmail.com>
2022-10-07 10:34:38 +03:00
Leonard Lyubich
eb1fba5182
[ #1680 ] morph/netmap: Adopt to recent contract changes
...
After recent Netmap contract changes all read methods which return
network map (either candidates or snapshots) encode node descriptors
into same structure.
Decode `netmap.Node` contract-side structure from the call results.
Replace node state with the value from the `netmap.Node.State` field.
Signed-off-by: Leonard Lyubich <ctulhurider@gmail.com>
2022-10-05 11:41:49 +03:00
Evgenii Stratonikov
76893bdc50
[ #1817 ] go.mod: Update neofs-sdk-go
...
Signed-off-by: Evgenii Stratonikov <evgeniy@morphbits.ru>
2022-10-04 12:12:18 +03:00
Leonard Lyubich
485a5418d2
[ #1793 ] node: Serve NetmapService.NetmapSnapshot
RPC
...
There is no more need to serve the same request on Control API.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2022-09-27 09:03:17 +03:00
Evgenii Stratonikov
4b8b575ca4
[ #1782 ] go.mod: Update neofs-sdk-go
...
Add fixes for key parameter in `object.Get` operation.
Signed-off-by: Evgenii Stratonikov <evgeniy@morphbits.ru>
2022-09-14 13:18:19 +04:00
Evgenii Stratonikov
f1572a674b
[ #1775 ] go.mod: Update neofs-sdk-go
...
Make use of fixes for the placement policy parser.
Signed-off-by: Evgenii Stratonikov <evgeniy@morphbits.ru>
2022-09-12 19:10:49 +04:00
Evgenii Stratonikov
4354359aed
[ #1746 ] network: Set timeout for streaming operations
...
Signed-off-by: Evgenii Stratonikov <evgeniy@morphbits.ru>
2022-09-07 16:00:51 +04:00
Evgenii Stratonikov
180e5e938f
[ #1735 ] go.mod: Update API and SDK
...
Signed-off-by: Evgenii Stratonikov <evgeniy@morphbits.ru>
2022-08-30 12:27:46 +03:00
Evgenii Stratonikov
5827a926c9
[ #1729 ] go.mod: Update neofs-contract to v0.15.5
...
Signed-off-by: Evgenii Stratonikov <evgeniy@morphbits.ru>
2022-08-25 12:31:00 +03:00
Evgenii Stratonikov
19585c63ed
[ #1730 ] go.mod: Update neofs-sdk-go
...
Signed-off-by: Evgenii Stratonikov <evgeniy@morphbits.ru>
2022-08-24 17:17:42 +03:00
Evgenii Stratonikov
871fae8321
[ #1705 ] go.mod: Update neo-go to v0.99.2
...
Signed-off-by: Evgenii Stratonikov <evgeniy@morphbits.ru>
2022-08-23 11:59:23 +03:00
Pavel Karpy
0720d96c9d
[ #1687 ] go.mod: Update neofs-sdk-go
...
Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
2022-08-22 18:59:57 +03:00
Pavel Karpy
d40ed00438
[ #1687 ] go.mod: Update neofs-api-go
...
It contains the signature fix for go `v1.19`.
Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
2022-08-22 18:59:57 +03:00
Pavel Karpy
8c8ae56960
[ #1645 ] go.mod: Update dependencies
...
- `neofs-api-go` to `v2.13.1`;
- `neofs-sdk-go` to `7a99cc916c8e`.
Signed-off-by: Evgenii Stratonikov <evgeniy@morphbits.ru>
Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
2022-08-01 20:45:36 +03:00
Evgenii Stratonikov
5efcd34680
[ #1639 ] go.mod: Update neofs-sdk-go to v1.0.0-rc.6
...
Signed-off-by: Evgenii Stratonikov <evgeniy@morphbits.ru>
2022-07-29 12:07:53 +03:00
Evgenii Stratonikov
07465849a4
[ #1637 ] go.mod: Update neo-go to v0.99.1
...
Signed-off-by: Evgenii Stratonikov <evgeniy@morphbits.ru>
2022-07-28 20:11:45 +03:00
Evgenii Stratonikov
54fe7667fb
[ #1625 ] go.mod: Update dependencies
...
Signed-off-by: Evgenii Stratonikov <evgeniy@morphbits.ru>
2022-07-25 19:00:07 +03:00
Evgenii Stratonikov
10c855efef
[ #1624 ] go.mod: Update dependencies
...
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
2022-07-25 16:56:02 +03:00
Evgenii Stratonikov
175e9da3a7
[ #1612 ] go.mod: Update cobra dependency
...
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
2022-07-22 16:18:09 +03:00
Evgenii Stratonikov
45321b3f6d
[ #1328 ] services/tree: Fix grpc import path
...
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
2022-07-21 15:08:24 +03:00
Evgenii Stratonikov
62154da17c
[ #1324 ] services/tree: Implement Object Tree Service
...
Object Tree Service allows changing trees assotiated with
the container in runtime.
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
2022-07-21 15:08:24 +03:00
Evgenii Stratonikov
6cc180391e
[ #1606 ] go.mod: Update neo-go
...
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
2022-07-18 12:41:06 +03:00
Leonard Lyubich
fdf62e8562
[ #1586 ] Upgrade NeoFS SDK Go to rc#5
...
Error checkers now support wrapped errors so there is no need to
explicitly unwrap errors in `Policer`.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2022-07-07 14:23:41 +03:00
Leonard Lyubich
9a11a75b77
[ #1570 ] Upgrade NeoFS SDK Go with changed reputation API
...
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2022-07-06 18:21:24 +03:00
Leonard Lyubich
c165d1a9b5
[ #1556 ] Upgrade NeoFS SDK Go with changed container API
...
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2022-07-05 11:26:06 +03:00
Leonard Lyubich
305dd7598f
[ #1533 ] acl: Upgrade NeoFS SDK Go with refactored basic ACL
...
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2022-06-25 13:57:21 +03:00
Pavel Karpy
bb52372108
[ #1544 ] go.mod: Update SDK
...
The updated version supports reading network configuration uint64 values
that consist of less than 8 bytes.
Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
2022-06-24 13:40:07 +03:00
Leonard Lyubich
b67974a8d3
[#xxx] Upgrade NeoFS SDK Go with changed container sessions
...
After recent changes in NeoFS SDK Go library session tokens aren't
embedded into `container.Container` and `eacl.Table` structures.
Group value, session token and signature in a structure for container
and eACL.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2022-06-22 16:38:57 +03:00
Evgenii Stratonikov
0408acc40e
services/control: Autogenerate stable marshalers
...
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
2022-06-20 16:52:58 +03:00
Leonard Lyubich
21d2f8f861
[ #1513 ] Upgrade NeoFS SDK Go with changed netmap
package
...
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2022-06-17 15:53:18 +03:00
Leonard Lyubich
2e4a1cb6df
[ #1518 ] Upgrade NeoFS SDK Go with changed subnet
package
...
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2022-06-15 17:02:49 +03:00
Evgenii Stratonikov
795d1e0789
[ #1494 ] go.mod: Update neofs-sdk-go
...
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
2022-06-15 12:26:10 +03:00
Evgenii Stratonikov
9e430abf83
[ #1498 ] go.mod: Update neo-go to master
...
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
2022-06-09 16:16:46 +03:00
Evgenii Stratonikov
91ed0d20ff
[ #1417 ] go.mod: Update neo-go to v0.99.0
...
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
2022-06-08 10:27:49 +03:00
Leonard Lyubich
fa009db140
[ #1464 ] ir/container: Fix verifying the operations within sessions
...
In previous implementation `verifySignature` method of container
processor worked incorrectly for operations without a key and with
session: processor tried to verify signature with one of the bound owner
keys instead of session one.
Use `VerifySessionDataSignature` method to check the signature if
session is used. Refactor `verifySignature` a bit with session check
highlighting for readability.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2022-06-07 23:26:30 +03:00
Leonard Lyubich
f6d121a4e4
[ #1485 ] Upgrade NeoFS SDK Go module
...
New version includes the fix of the session signing.
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2022-06-07 16:34:15 +03:00
Leonard Lyubich
72708296cc
Upgrade NeoFS SDK Go to v1.0.0-rc.4 and NeoFS API Go to v2.12.2
...
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2022-06-03 17:17:50 +03:00
Leonard Lyubich
1c30414a6c
[ #1454 ] Upgrade NeoFS SDK Go module with new IDs
...
Core changes:
* avoid package-colliding variable naming
* avoid using pointers to IDs where unnecessary
* avoid using `idSDK` import alias pattern
* use `EncodeToString` for protocol string calculation and `String` for
printing
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2022-06-01 17:41:45 +03:00
Leonard Lyubich
2bcc0051ab
[ #1423 ] session: Get session issuer from token structure
...
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2022-05-27 15:45:33 +03:00
Leonard Lyubich
4c8ec20e32
[ #1423 ] session: Upgrade SDK package
...
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2022-05-27 15:45:33 +03:00
Pavel Karpy
786c920fb2
[ #1430 ] go.mod: Update neo-go
...
v0.98.2 => v0.98.3
That patch includes fixing panic when using WS client with a closed
connection.
Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
2022-05-25 13:54:58 +03:00
Leonard Lyubich
bb25ecbd15
[ #1400 ] owner: Upgrade SDK package
...
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2022-05-23 15:33:14 +03:00
Evgenii Stratonikov
4761857fb3
[ #1396 ] cmd: Allow to autogenerate documentation for all commands
...
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
2022-05-20 13:35:22 +03:00
Leonard Lyubich
aeb9884218
[ #1389 ] crypto: Upgrade SDK package
...
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2022-05-19 10:12:14 +03:00
Leonard Lyubich
5e50ddd7f5
[ #1389 ] storagegroup: Upgrade SDK package
...
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2022-05-19 10:12:14 +03:00
Leonard Lyubich
f15e6e888f
[ #1377 ] oid, cid: Upgrade SDK package
...
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2022-05-16 15:33:22 +03:00
Evgenii Stratonikov
efb6545bfe
[ #722 ] neofs-adm: Allow to initialize local dump
...
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
2022-05-16 15:07:31 +03:00
Leonard Lyubich
3a188bb2e5
[ #1371 ] bearer: Upgrade SDK package
...
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2022-05-12 15:16:17 +03:00
Leonard Lyubich
ae92074272
[ #1369 ] checksum: Upgrade SDK package
...
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2022-05-12 09:48:31 +03:00
Leonard Lyubich
088df0e2a9
[ #1369 ] version: Upgrade SDK package
...
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2022-05-12 09:48:31 +03:00